Changing your RSA or DSA key passphrase is something that comes around rarely for most people, but eventually there may come a time when you will need to change your secure key pass phrase on your system, this guide will show you how to achieve this on Unix,Linux,Macintosh and Cygwin
The command ssh-keygen is used for managing pass phrases is comes usually comes from the package openssh on most typical system.
The -p switch the the ssh-keygen command is the one that allows you to set a new password.
The -t switch to ssh-keygen allows us to pick the key type.
For full details of the rest of the functions of the ssh-keygen and related tools , use the command man ssh-keygen
Below are some practical real world examples of changing a key pass phrase on a Unix system.
The first shows us changing the password of an RSA based private key:
[nigel@littlemac ~]$ ssh-keygen -p -t rsa
Enter file in which the key is (/home/nigel/.ssh/id_rsa):
Enter old passphrase:
Key has comment '/home/nigel/.ssh/id_rsa'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.
The second example demonstrates changes the pass phrase of a DSA based key:
[nigel@littlemac ~]$ ssh-keygen -p -t dsa
Enter file in which the key is (/home/nigel/.ssh/id_dsa):
Enter old passphrase:
Key has comment '/home/nigel/.ssh/id_dsa'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.
Third and most commonly used example does not specify the key type and will usually default to RSA on most systems:
[nigel@littlemac ~]$ ssh-keygen -p
Enter file in which the key is (/home/nigel/.ssh/id_rsa):
Enter old passphrase:
Key has comment '/home/nigel/.ssh/id_rsa'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.
